#!/bin/sh /etc/rc.common

USE_PROCD=1
START=25

DOCKERD_CONF="/tmp/dockerd/daemon.json"

json_add_array_string() {
	json_add_string "" "$1"
}

process_config() {
	local alt_config_file data_root log_level

	rm -f "$DOCKERD_CONF"

	[ -f /etc/config/dockerd ] || {
		# Use the daemon default configuration
		DOCKERD_CONF=""
		return 0
	}

	config_load 'dockerd'

	config_get alt_config_file globals alt_config_file
	[ -n "$alt_config_file" ] && [ -f "$alt_config_file" ] && {
		ln -s "$alt_config_file" "$DOCKERD_CONF"
		return 0
	}

	config_get data_root globals data_root "/opt/docker/"
	config_get log_level globals log_level "warn"

	. /usr/share/libubox/jshn.sh
	json_init
	json_add_string "data-root" "$data_root"
	json_add_string "log-level" "$log_level"
	json_add_array "registry-mirrors"
	config_list_foreach globals registry_mirror json_add_array_string
	json_close_array

	mkdir -p /tmp/dockerd
	json_dump > "$DOCKERD_CONF"
}

start_service() {
	local nofile=$(cat /proc/sys/fs/nr_open)

	process_config

	procd_open_instance
	procd_set_param stderr 1
	if [ -z "$DOCKERD_CONF" ]; then
		procd_set_param command /usr/bin/dockerd
	else
		procd_set_param command /usr/bin/dockerd --config-file="$DOCKERD_CONF"
	fi
	procd_set_param limits nofile="${nofile} ${nofile}"
	procd_close_instance
}

reload_service() {
	process_config
	procd_send_signal dockerd
}

service_triggers() {
	procd_add_reload_trigger 'dockerd'
}

ip4tables_remove_nat() {
	iptables -t nat -D OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
	iptables -t nat -D PREROUTING -m addrtype --dst-type LOCAL -j DOCKER

	iptables -t nat -F DOCKER
	iptables -t nat -X DOCKER
}

ip4tables_remove_filter() {
	iptables -t filter -D FORWARD -j DOCKER-USER
	iptables -t filter -D FORWARD -j DOCKER-ISOLATION-STAGE-1
	iptables -t filter -D FORWARD -o docker0 -j DOCKER

	iptables -t filter -F DOCKER
	iptables -t filter -F DOCKER-ISOLATION-STAGE-1
	iptables -t filter -F DOCKER-ISOLATION-STAGE-2
	iptables -t filter -F DOCKER-USER

	iptables -t filter -X DOCKER
	iptables -t filter -X DOCKER-ISOLATION-STAGE-1
	iptables -t filter -X DOCKER-ISOLATION-STAGE-2
	iptables -t filter -X DOCKER-USER
}

ip4tables_remove() {
	ip4tables_remove_nat
	ip4tables_remove_filter
}

stop_service() {
	ip4tables_remove
}
